What security incident has affected Zello?

Zello, a mobile communication platform with approximately 140 million users, has issued a security alert requiring password resets for accounts created before November 2nd, 2024. The exact nature of the incident is unclear, with possibilities including a data breach or credential stuffing attack.

Who is affected by this security incident?

The incident affects Zello users who created their accounts before November 2nd, 2024. Zello has approximately 140 million users, including first responders, hospitality services workers, transportation workers, and personal users who use the platform's push-to-talk functionality.

When was the security incident discovered and disclosed?

Users received security notices on November 15th, 2024, requesting password resets. The timing of the notice and the November 2nd cutoff date suggests the security incident likely occurred around November 2nd, 2024.

What actions are required from Zello users?

Users are required to reset their Zello app passwords if their accounts were created before November 2nd, 2024. Additionally, users are recommended to change passwords for any other online services where they may have used the same password.

What type of service is Zello?

Zello is a mobile communication platform that provides push-to-talk functionality, allowing users to communicate via their mobile phones. It is widely used by first responders, hospitality services, transportation workers, and for personal communication.

Incident

Zello alerts users to reset passwords due to security incident

published: Nov. 27, 2024

Learn More

Zello, a mobile communication platform with approximately 140 million users, has issued a security alert requesting password resets for accounts. The service is widely used by first responders, hospitality services, transportation workers, and for personal communication through its push-to-talk functionality, enabling these groups to communicate via their mobile phones.

On November 15th, 2024, numerous Zello users received security notices requesting them to reset their app passwords for any account created before November 2nd, 2024. The company also recommended that users change their passwords for any other online services where they may have used the same password.

The exact nature of the security incident remains unclear, with two possible scenarios being either a data breach or a credential stuffing attack.

The timing of the notice suggests that the security incident likely occurred on or around November 2nd, 2024, as the company specified this date as the cutoff point for affected accounts. Zello has not provided any additional information about the incident.

Zello alerts users to reset passwords due to security incident